cleantalk
Vulnerabilities and Security Researches

WPForms Google Sheet Connector, CVE-2023-2321

CVE, Research URL

CVE-2023-2321

Home page URL

Security reports for WPForms Google Sheet Connector

Application

WPForms Google Sheet Connector

Published on
Jul 04, 2023
Research Description
The WPForms Google Sheet Connector WordPress plugin before 3.4.6, gsheetconnector-wpforms-pro WordPress plugin through 3.4.6 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Affected versions
max 3.4.6.
Status
vulnerable
Previous vulnerability researches
WPForms Google Sheet Connector (CVE-2025-67570) , Jan 11, 2026
WPForms Google Sheet Connector (CVE-2023-2321) , Jun 07, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026